Microsoft reported a vulnerability in its Windows operating system, ranging from versions Windows 7 to Windows 10, is being targeted by cybercriminals, according to a Nov. 1 Forbes report.
Five things to know:
1. Google’s Project Zero team informed Microsoft of the vulnerability within the Windows Kernel Cryptography Driver. Hackers can exploit the vulnerability to gain additional privileges within the computer.
2. Microsoft confirmed the attack but said it was limited. Hackers need two vulnerabilities to exploit; one from a browser and one from Windows.
3. The browser-based vulnerability has been patched and updated Chrome and Microsoft Edge browsers are protected, according to the report.
4. There is not a patch yet to the Windows vulnerability, which means if the system was compromised prior to the browser-based patch, hackers can still exploit the Windows vulnerability.
5. Hackers can’t affect cryptographic functionality by attacking the Windows vulnerability, according to the report.
More articles on cybersecurity:
Connecticut city pays $202K HIPAA fine for failing to terminate former health department employee’s PHI access
Ohio hospital accidentally posted protected health info online: 4 details
Nearly 700,000 health records breached in October
© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.